defirisk.co
rubric v1.7.0

Disclosure SLA public

Jupiter Perpetual Exchange's assessment for RD-F-176 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No public acknowledgment-time SLA found for the Jupiter bug bounty program. Jupiter documentation (jup.ag, developers.jup.ag, support.jup.ag) does not publish a responsible-disclosure window or response-time commitment. The OOOSec platform may have platform-level defaults but Jupiter-specific SLA is not publicly confirmed — OOOSec page returned 403 during assessment.

Sources #

  • Docs
    Jupiter Perpetuals Developer DocsJupiter developer docs — no disclosure SLA, acknowledgment timeframe, or responsible-disclosure policy documentedretrieved 2026-05-16

Methodology #

Determine whether the protocol publishes an acknowledgment-time SLA for disclosed vulnerabilities (e.g., 72h ack).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol jupiter-perps factor RD-F-176 score red collected_at 2026-05-16 01:53:11